Bibliographic record number: 1052156
An Overview of Cybersecurity Regulations and Standards for Medical Device Software
An Overview of Cybersecurity Regulations and Standards for Medical Device Software // Proceedings of the 28th Central European Conference on Information and Intelligent Systems / Strahonja, Vjeran ; Kirinić, Valentina (eds.).
Varaždin: Fakultet organizacije i informatike Sveučilišta u Zagrebu, 2017. pp. 237-249 (lecture, international peer review, full paper (in extenso), professional)
CROSBI ID: 1052156
Title
An Overview of Cybersecurity Regulations and Standards for Medical Device Software
Authors
Hrgarek Lechner, Nadica
Type, subtype and category of work
Papers in conference proceedings, full paper (in extenso), professional
Source
Proceedings of the 28th Central European Conference on Information and Intelligent Systems
/ Strahonja, Vjeran ; Kirinić, Valentina - Varaždin : Fakultet organizacije i informatike Sveučilišta u Zagrebu, 2017, 237-249
Conference
28th Central European Conference on Information and Intelligent Systems
Place and date
Varaždin, Croatia, 27.09.2017. - 29.09.2017
Type of participation
Lecture
Type of peer review
International peer review
Keywords
cybersecurity ; FDA ; information security ; medical device software ; security risk management
Abstract
This paper discusses current cybersecurity regulations and standards for medical device software set by government agencies and agencies developing industry and international standards such as the FDA (Food and Drug Administration), CFDA (China Food and Drug Administration), ISO (International Organization for Standardization), IEC (International Electrotechnical Commission), UL (Underwriters Laboratories), and others. The concepts described within this paper can be utilized by medical device manufacturers in order to establish a cybersecurity program as part of their quality management systems. In general, there are three complementary ways based on the NIST (National Institute of Standards and Technology) cybersecurity framework that can be used to remove gaps in the organization’s cybersecurity. The first way focuses on designing software products that take cybersecurity into account (i.e., prevention). The second way is to perform security and penetration testing and to apply other cybersecurity controls to reduce attacks and vulnerabilities that could be exploited (i.e., detection). The third way emphasizes a maintenance plan in case of a cyberattack (i.e., response and recovery).
Original language
English
Scientific fields
Information and communication sciences